Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities

Oct 30, 2025 By Arctic Wolf Labs In Arctic Wolf
Threat Actor Name: UNC6384 Targeted Industries: Government, Diplomatic Services Geographic Focus: Hungary, Belgium, Serbia, Italy, Netherlands (broader European diplomatic community)
Read Post

SOCast: No Shortcuts - A Discussion on Cyber Resilience

Oct 30, 2025 By Arctic Wolf Networks In Arctic Wolf
Why do people take shortcuts in security, and how can we prevent them? Join us for a special live episode of Arctic Wolf SOCast as our experts unpack the psychology behind risky security behaviors and explore how AI is influencing decision-making in today’s workplaces. We’ll also reveal new data on how IT leaders and employees are using tools like ChatGPT and other generative AI platforms, and what that means for your organization’s security posture.
View Video

The Howler Episode 23 - Matthew Trushinski, Vice President of Product Marketing

Oct 28, 2025 By Arctic Wolf Networks In Arctic Wolf
This month we sit down with Matthew Trushinski, Vice President of Product Marketing, as he shares how he cultivates creativity & innovation within himself and his team, skills he thinks all product marketers should have, and so much more! Matthew Trushinski has a diverse technology marketing background including carrier networks, IoT, smart cities, AI and security. As the Vice President of Product Marketing for Arctic Wolf, he works with customers and prospects to improve their security operations.
View Video
Arctic Wolf

Microsoft Releases Emergency Patch for Exploited Critical Remote Code Execution Vulnerability (CVE-2025-59287)

Oct 24, 2025 By Andres Ramos In Arctic Wolf
On October 23, 2025, Microsoft released an out-of-band security update for a critical vulnerability tracked as CVE-2025-59287. The flaw stems from the deserialization of untrusted data in Windows Server Update Services (WSUS), which allows remote, unauthenticated threat actors to achieve remote code execution by sending a crafted event. According to Microsoft, only Windows servers with the WSUS Server Role enabled are affected. This feature is not enabled by default.
Read Post
Arctic Wolf

Brazilian Caminho Loader Employs LSB Steganography and Fileless Execution to Deliver Multiple Malware Families Across South America, Africa, and Eastern Europe

Oct 21, 2025 By Arctic Wolf Labs In Arctic Wolf
Arctic Wolf Labs has identified and analyzed a new malware loader we’re calling Caminho, a Brazilian-origin Loader-as-a-Service (LaaS) operation employing Least Significant Bit (LSB) steganography to conceal.NET payloads within image files hosted on legitimate platforms.
Read Post
Arctic Wolf

The Role of Tabletop Exercises in IR Planning

Oct 21, 2025 By Arctic Wolf In Arctic Wolf
Stopping a cyber incident and restoring operations requires more than technology — it depends on having the right plans, people, and processes working together under pressure. Effective incident response (IR) readiness helps position your organization to act with precision to contain threats, prevent escalation, and return to normal operations quickly. A cornerstone of a mature IR strategy is the tabletop exercise.
Read Post
Arctic Wolf

Implementing Effective Security Awareness Training for Employees: Top Challenges and How To Solve Them

Oct 17, 2025 By Arctic Wolf In Arctic Wolf
Positive security outcomes don’t happen by chance — they result from a culture in which security is ingrained and embodied within and by everyone, from the executives through the employees. Training staff to recognize phishing lures, MFA bombs, and other common — and unfortunately, effective — social engineering techniques is a cost-effective way to improve an organization’s resilience.
Read Post
Arctic Wolf

The Human Element: Navigating the Widening Gap Between Confidence and Reality in Cybersecurity

Oct 15, 2025 By Adam Marrè In Arctic Wolf
In my experience as an FBI agent and security leader, I’ve found that technology alone does not keep us safe. The human element, including our behaviors, our habits, and our decisions, is an ever-present and unpredictable variable in our layers of security. The Arctic Wolf 2025 Human Risk Behavior Snapshot: 2nd Edition brings this into sharp focus, revealing a landscape where employee actions and leadership overconfidence are creating a perfect storm for breaches.
Read Post
Arctic Wolf

CVE-2025-61884: Oracle Releases Emergency Patch for Information Disclosure Flaw

Oct 13, 2025 By Andres Ramos In Arctic Wolf
On October 11, 2025, Oracle released an emergency fix for a high-severity information disclosure vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61884. The flaw exists in the Runtime UI component of Oracle Configurator and allows remote unauthenticated threat actors to access sensitive resources. Oracle has not confirmed a link between this vulnerability and the extortion emails received by some Oracle EBS customers from the Cl0p ransomware group in recent weeks.
Read Post
Arctic Wolf

Understanding Account Takeovers

Oct 10, 2025 By Arctic Wolf In Arctic Wolf
The identity attack surface is expanding faster than ever. Every new cloud application, remote login, and digital touchpoint creates another entryway threat actors can exploit, targeting the very credentials that give employees, customers, and partners access to critical systems. One of the top, tried-and-true identity attack techniques threat actors have utilized with great success is called an account takeover.
Read Post
Arctic Wolf

SonicWall Concludes Investigation Into Incident Affecting MySonicWall Configuration Backup Files

Oct 8, 2025 By Stefan Hostetler In Arctic Wolf
On September 17, 2025, SonicWall released a knowledge base article detailing the exposure of firewall configuration backup files stored in certain MySonicWall accounts. As of October 8, 2025, the investigation has concluded and SonicWall has updated their advisory accordingly.
Read Post
Arctic Wolf

CVE-2025-61882: New Critical RCE Vulnerability Linked to Oracle E-Business Cl0p Extortion Emails

Oct 6, 2025 By Andres Ramos In Arctic Wolf
On October 4, 2025, Oracle released a fix for a newly disclosed critical vulnerability, tracked as CVE-2025-61882, linked to recent extortion emails received by some Oracle E-Business Suite (EBS) customers. This vulnerability allows unauthenticated remote threat actors to achieve remote code execution and resides in the BI Publisher component of Oracle Concurrent Processing.
Read Post
Arctic Wolf

Alleged Cl0p Extortion Emails Linked to July 2025 Oracle E-Business Suite Vulnerabilities

Oct 3, 2025 By Andres Ramos In Arctic Wolf
On October 2, 2025, Oracle announced that some Oracle E-Business Suite (EBS) customers had received extortion emails. Oracle’s investigation revealed the potential use of vulnerabilities previously addressed in the July 2025 Critical Patch Update. The following nine vulnerabilities in EBS products were addressed in the July update. These vulnerabilities range from medium to high severity, with three potentially exploitable by remote, unauthenticated threat actors.
Read Post
Arctic Wolf

The Human Factor in Cybersecurity: How to Reduce Risk, Build Culture, and Strengthen Resilience

Oct 2, 2025 By Arctic Wolf In Arctic Wolf
In today’s cybersecurity landscape, one thing remains constant: humans are both our greatest asset and our biggest risk. Despite increasingly sophisticated technology, human risk, insider threats, and social engineering attacks like phishing,continue to lead the charge when it comes to successful breaches.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.